Beanstalk: The Finale
Beanstalk
DeFiHardhatFoundry
250,000 USDC
View results
Previous Next
Submission Details
Severity: low
Invalid

Divide By Zero Issue in `EnrootFacet:enrootDeposits`

0xbeastboy

Summary

The enrootDeposits function in the EnrootFacet contract has a potential divide by zero issue when calculating depositBdv within the loop that iterates over stems. This issue arises when enrootData.totalAmountRemoved becomes zero, which can occur if no deposits are removed during the execution of the function.

Vulnerability Details

The enrootDeposits function is responsible for updating the BDV (Bean Denominated Value) of multiple unripe deposits (stems) for a given token. It iterates over each deposit, calculates depositBdv based on the proportion of newTotalBdv to totalAmountRemoved, and then adds the deposit back with the new BDV. Below is the critical section of the function:

function enrootDeposits(
address token,
int96[] calldata stems,
uint256[] calldata amounts
) external payable fundsSafu noNetFlow noSupplyChange nonReentrant mowSender(token) {
require(
s.sys.silo.unripeSettings[token].underlyingToken != address(0),
"Silo: token not unripe"
);
// First, remove Deposits because every deposit is in a different season,
// we need to get the total Stalk, not just BDV.
LibSilo.AssetsRemoved memory ar = LibSilo._removeDepositsFromAccount(
LibTractor._user(),
token,
stems,
amounts,
LibSilo.ERC1155Event.NO_EMIT_BATCH_EVENT
);
// Get enroot data.
EnrootData memory enrootData = _getTokenEnrootData(token, ar);
// Iterate through all stems, redeposit the tokens with new BDV and
// summate new Stalk.
for (uint256 i; i < stems.length; ++i) {
uint256 depositBdv;
if (i + 1 == stems.length) {
// Ensure that a rounding error does not occur by using the
// remainder BDV for the last Deposit
depositBdv = enrootData.newTotalBdv.sub(enrootData.bdvAdded);
} else {
// depositBdv is a proportional amount of the total bdv.
// Cheaper than calling the BDV function multiple times.
depositBdv = amounts[i].mul(enrootData.newTotalBdv).div(
enrootData.totalAmountRemoved
);
}
enrootData.stalkAdded = enrootData.stalkAdded.add(
addDepositAndCalculateStalk(
token,
stems[i],
amounts[i],
depositBdv,
enrootData.stemTip,
enrootData.stalkPerBdv
)
);
enrootData.bdvAdded = enrootData.bdvAdded.add(depositBdv);
}
// increment bdv and mint stalk.
// bdv and stalk from enrooting does not germinate
// given that the assets are unripe.
// reverts if bdvAdded < bdvRemoved.
LibTokenSilo.incrementTotalDepositedBdv(
token,
enrootData.bdvAdded.sub(ar.active.bdv.add(ar.even.bdv).add(ar.odd.bdv))
);
LibSilo.mintActiveStalk(
LibTractor._user(),
enrootData.stalkAdded.sub(
ar.active.stalk.add(ar.even.stalk).add(ar.odd.stalk).add(
ar.grownStalkFromGermDeposits
)
)
);
}

The potential divide by zero issue occurs in the calculation of depositBdv:

depositBdv = amounts[i].mul(enrootData.newTotalBdv).div(enrootData.totalAmountRemoved);

If enrootData.totalAmountRemoved is zero, the division operation enrootData.newTotalBdv.div(enrootData.totalAmountRemoved) will cause a runtime exception due to division by zero. This can happen if no deposits (amounts) are removed during the execution of enrootDeposits.

Impact

Division by zero will cause the transaction to revert, leading to potential loss of gas and user inconvenience. The contract might fail to update the BDV and stalk calculations correctly, leading to inconsistencies in the token deposit system.

Tools Used

Manual Review

Recommendations

To mitigate the divide by zero issue, ensure that enrootData.totalAmountRemoved is checked before performing the division operation. If totalAmountRemoved is zero, handle this edge case appropriately, such as by skipping the division or setting depositBdv to a default value.

Updates

Lead Judging Commences

inallhonesty Lead Judge over 1 year ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity
Assigned finding tags:

Informational/Gas

Invalid as per docs https://docs.codehawks.com/hawks-auditors/how-to-determine-a-finding-validity

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.